Questions and Answers:90 Q&As
Updated: 2009-09-04
Exam Number/Code: NO0-002
Exam Name: Nokia Security Administrator
Certinside professional IT Q&A vendors, we provide well after-sale service. To all the customers buy the Q&As, we provide track service. when you buy the Q&As with in 3 months. you can enjoy the upgrade Q&As service for free. If in this period, the certified test center change the Nokia Nokia Certification NO0-002 Q&As, we will update the Q&A in the first time, and provide you the download update for free
NO0-002 Free Demo Download
Certinside offers free demo for NO0-002 90 Q & As with Expert Explanations). You can check out the interface, question quality and usability of our practice exams before you decide to buy it.
Download NO0-002 Exam Pdf Demo
Download NO0-002 Exam iEngine Demo
Exam : Nokia NO0-002
Title : Nokia Security Administrator
1. What statement about security practices is NOT true?
A. Your system is only as secure as its weakest link.
B. Many Nokia channel partners can provide a complete security audit and system.
C. Human factors, such as password choice, can be as important as choosing the right equipment.
D. The security administrator only needs to monitor log files when the firewall software sends an alert email.
Answer: D
2. When you save the current configuration in Voyager, this is written to a single file on disk in which directory?
A. /etc
B. flash:
C. /config
D. /var/etc
E. /config/db
Answer: E
3. Which command is valid within clish?
A. ipsoinfo
B. netstat -a
C. show route
D. show config
Answer: C
4. Which syslog-written log file contains the majority of useful messages on IPSO?
A. /var/log/messages
B. /var/adm/messages
C. $FWDIR/log/fw.log
D. /var/log/httpd_error_log
E. C:WINNTSYSTEM32FWLOG. TXT
Answer: A
5. Which scenarios duplicate every component in your design so that the system can continue to operate in case of failure of any one component?
A. Use a clustered firewall with two separate Cisco switches, one for internal, one for external.
B. Use a clustered firewall with two Cisco switches, one attached with VLANs to the inside and outside of the first firewall, one attached with VLANs to the inside and outside of the second firewall. The Cisco switches bridge to each other internal to internal and external to external. There is no spanning tree.
C. Use two serial links into two Cisco routers, into two firewalls into two internal Cisco routers. There are no shared networks, but the Cisco pair, firewall pair, and internal Cisco pair each have point to point links between them. The whole system runs OSPF. There is no clustering, but FW1 state sync is configured.
Answer: BC
6. Which three aspects of the Nokia solution provide cost benefits vs. using Checkpoint FW1 on the Windows platform? (Choose three.)
A. the ability to manage the system using a lightweight VNC session
B. the ability to integrate out of the box with dynamically routed networks
C. the ability to manage policy remotely via the Checkpoint SMART Dashboard
D. the ability to scale the solution using dynamically load-balanced Nokia clustering
E. the ability to manage the system using a lightweight ssh session or serial console
Answer: BDE
7. Which combination of tcpdump flags provides extra information about packet MAC addresses and more detailed information about the contents?
A. -e -v
B. -q -s
C. -v -v
D. -R -z
E. -a -R -e
Answer: A
8. When you apply changes to the current configuration in Voyager, some system files such as the hosts file are immediately rebuilt so that packages can find the information more easily. Where are these files kept?
A. /etc
B. flash
C. /image
D. /var/etc
E. /config/db
Answer: D
9. In VRRP version 2, the original master router is automatically assigned the highest possible priority. Everything is currently working correctly, and all machines are up. Which priority is seen on the wire if everything is currently working correctly and all machines are up when using VRRP version 2?
A. 1
B. 31
C. 63
D. 99
E. 255
F. 1023
Answer: E
10. Which Layer 2 role can Nokia IPSO platforms fulfill?
A. Bridging
B. Spanning Tree
C. Frame Relay Switching
D. Network Address Translation
Answer: A
11. Which three advantages might you gain by using a dedicated remote syslog server, over using the local text-based syslog files? (Choose three.)
A. object ID information
B. multiple indexing and searching
C. guaranteed delivery of log events
D. retention of facility and severity fields
E. a separate audit of login events in case of malicious activity
Answer: BDE
12. Which two trap types would be sent to a newly configured SNMP manager by a newly configured IPSO unit? (Choose two.)
A. coldStart
B. linkUp/linkDown
C. clusterMemberJoin
D. systemOverTemperature
E. systemTrapNoDiskSpace
Answer: AB
13. Which IPSO root ( / ) level directories are actually read-write partitions? (Choose the ONE answer that lists ALL of the right partitions.)
A. /config, /var
B. /config, /opt, /var
C. /config, /image, /var
D. /config, /image, /opt, /var
E. /config, /etc, /image, /opt, /var/etc, /var/log
Answer: B
14. Which is NOT a valid IPSO boot-manager command?
A. ls
B. boot
C. setenv
D. sysinfo
E. raidinfo
Answer: E
15. Which statement is true about restoring a backup set to a newly replaced unit?
A. The restore must be initiated from the bootmanager.
B. Restoring a backup requires serial login to the IP platform.
C. The firewall must have its license installed before restore is run.
D. The replaced disk must be exactly the same size as the failed disk.
E. The replacement firewall must have the save software and software version of the failed firewall.
Answer: E
16. Which command allows you to view the main system log file in real time?
A. vi -f /var/log/messages
B. tail -f /var/log/messages
C. tail -20 /var/adm/messages
D. tail -20 -f $FWDIR/log/fw.log
E. tail /var/admin/messages | more
Answer: B
